With the rapid development of network and communication technologies,resource sharing and collaboration are becoming popular.However,resource provider and requester are always located in different security domains in open systems.How to establish trust between strangers without prior relationship to guarantee the security of resource sharing in open systems has become a pressing problem.Automated Trust negotiation(ATN) is a new research direction in the field of access control,which establishs trust between strangers through iterative disclosure of digital credentials and access control policies.ATN provides enough security guarantees for people who want to share resource across security domains in open systems and has become a hot topic to researchers because of its future for application.In ATN,policy language is an important tool in describing and realizing access control policies.A well-defined policy language is a cornerstone and guarantee for enforcing ATN successfully.Many policies languages have been designed to support resource sharing across security domains,but none of them can not only employ by a user conveniently but also facilitate the processing of the system.According to the requirements for policy language for ATN,a layer-based policy language(LPL) is presented.LPL divides policy language into three layers:the user layer,the middle layer and the system layer.According to the characteristic of every layer,LPL is composed of UPL(user Oriented policy language),SWI,a switch tool that translates credentials and access control policies described by UPL into XPL description,and XPL(xml-based policy language),which is system Oriented.UPL has a simple form and can be easily understood and conveniently employed by a user.XPL has uniform form which facilitates the processing of the system. SWI simplifies users in issuing credentials and defining their access control policies.In open system,there are many entities that interact with each other in order to obtain and offer resources frequently.Several trust negotiation approaches have been proposed so far,most of which mainly focus on one of the aspects of trust negotiation,such as privacy protection and the selection of the negotiation strategy.How to speed up subsequent negotiations between these entities is a problem worth of research.Aiming at the problem,a history based trust negotiation(HBTN) model is presented.HBTN uses visiting card to identify every entity in an open system and records all credentials the counterparty disclosed in a successful negotiation in a history information base(HIB).Both parties need not to negotiate and disclose these credentials again.Consequently,HBTN speeds up subsequent negotiations between the parties who contact with each other frequently. However,HBTN has a fatal weakness that a vicious negotiator can collect credentials to infer more sensitive information about others.To solve the problem,HRBTN(history and role based trust negotiation) introduces the concept of role to HBTN.HRBTN maps the counterparty to many roles connecting with many access privileges according to the credentials he disclosed during previous successful negotiation.HRBTN records these roles with its credential disclosure sequence in the HIB.In the subsequent negotiation,the resource provider checks that if the requester has a role that is permitted to access the resource.If such a role exists,the negotiators can disclose credentials according to the credential disclosure sequence and then conduct a successful negotiation.Compared to HBTN,HRBTN is less efficacious,but it has a higher security and meets the requirements for ATN.Information feedback plays an important role in ATN.Based on the analysis of the characteristic of every phase of ATN,this paper introduces the bayesian probability measurement method to trust negotiation and presents a Bayesian-based Information Feedback(BIF) mechanism.When a user is denied to access the rsource by the system,he can alter his access condition to gain access.While a list of all possible alternatives is likely to be large and not very useful,BIF computes the probability of changing some conditions under the current conditions,and suggests an alternative with greatest possibility for the user.The user selects new access condition according to the feedback provided by the BIF to gain access.BIF divides a trust negotiation process into two phases:the client testification phase and the server testification phase.In the client testification phase,both parties care nothing but what the client can change.In the server testification phase,the server computes the objective conditions under which a client is permitted to access the resource he request according to the credentials disclosed by the client and feedback this information to the client.Consequently,BIF can develop the negotiation process and improve the negotiation success rate.ATN has only experienced with a fugacious history of ten years from its naissance. During the period,ATN has obtained great development.Next step,researchers and scientists should pay much attention to ATN's practical exploitation and application,and display ATN's worthiness through ATN's commercial business and transaction. |